From 398ecb76667710731bc065f35b78706125fc8077 Mon Sep 17 00:00:00 2001 From: Sascha Kruse Date: Thu, 12 May 2022 11:48:38 +0200 Subject: [PATCH] add radius check --- db/patch-add-radius-monitor.sql | 18 ++++++++++++++++ package.json | 1 + server/database.js | 1 + server/model/monitor.js | 33 +++++++++++++++++++++++++++-- server/server.js | 5 +++++ server/util-server.js | 30 ++++++++++++++++++++++++++ src/languages/en.js | 6 ++++++ src/pages/EditMonitor.vue | 37 +++++++++++++++++++++++++++++++-- 8 files changed, 127 insertions(+), 4 deletions(-) create mode 100644 db/patch-add-radius-monitor.sql diff --git a/db/patch-add-radius-monitor.sql b/db/patch-add-radius-monitor.sql new file mode 100644 index 000000000..1fd5b44f4 --- /dev/null +++ b/db/patch-add-radius-monitor.sql @@ -0,0 +1,18 @@ +BEGIN TRANSACTION; + +ALTER TABLE monitor + ADD radius_username VARCHAR(255); + +ALTER TABLE monitor + ADD radius_password VARCHAR(255); + +ALTER TABLE monitor + ADD radius_calling_station_id VARCHAR(50); + +ALTER TABLE monitor + ADD radius_called_station_id VARCHAR(50); + +ALTER TABLE monitor + ADD radius_secret VARCHAR(255); + +COMMIT diff --git a/package.json b/package.json index e9b7003bd..304a466e3 100644 --- a/package.json +++ b/package.json @@ -93,6 +93,7 @@ "limiter": "^2.1.0", "mqtt": "^4.2.8", "node-cloudflared-tunnel": "~1.0.9", + "node-radius-client": "^1.0.0", "nodemailer": "~6.6.5", "notp": "~2.0.3", "password-hash": "~1.2.2", diff --git a/server/database.js b/server/database.js index b17e7f4ed..4ce509f3c 100644 --- a/server/database.js +++ b/server/database.js @@ -58,6 +58,7 @@ class Database { "patch-monitor-expiry-notification.sql": true, "patch-status-page-footer-css.sql": true, "patch-added-mqtt-monitor.sql": true, + "patch-add-radius-monitor.sql": true, }; /** diff --git a/server/model/monitor.js b/server/model/monitor.js index f2d16524b..0b8fade43 100644 --- a/server/model/monitor.js +++ b/server/model/monitor.js @@ -7,7 +7,7 @@ dayjs.extend(timezone); const axios = require("axios"); const { Prometheus } = require("../prometheus"); const { log, UP, DOWN, PENDING, flipStatus, TimeLogger } = require("../../src/util"); -const { tcping, ping, dnsResolve, checkCertificate, checkStatusCode, getTotalClientInRoom, setting, mqttAsync } = require("../util-server"); +const { tcping, ping, dnsResolve, checkCertificate, checkStatusCode, getTotalClientInRoom, radius, setting, mqttAsync } = require("../util-server"); const { R } = require("redbean-node"); const { BeanModel } = require("redbean-node/dist/bean-model"); const { Notification } = require("../notification"); @@ -87,7 +87,12 @@ class Monitor extends BeanModel { mqttUsername: this.mqttUsername, mqttPassword: this.mqttPassword, mqttTopic: this.mqttTopic, - mqttSuccessMessage: this.mqttSuccessMessage + mqttSuccessMessage: this.mqttSuccessMessage, + radiusUsername: this.radiusUsername, + radiusPassword: this.radiusPassword, + radiusCalledStationId: this.radiusCalledStationId, + radiusCallingStationId: this.radiusCallingStationId, + radiusSecret: this.radiusSecret }; if (includeSensitiveData) { @@ -435,6 +440,30 @@ class Monitor extends BeanModel { interval: this.interval, }); bean.status = UP; + } else if (this.type === "radius") { + let startTime = dayjs().valueOf(); + try { + const resp = await radius( + this.hostname, + this.radiusUsername, + this.radiusPassword, + this.radiusCalledStationId, + this.radiusCallingStationId, + this.radiusSecret + ); + if (resp.code) { + bean.msg = resp.code; + } + bean.status = UP; + } catch (error) { + bean.status = DOWN; + if (error.response?.code) { + bean.msg = error.response.code; + } else { + bean.msg = error.message; + } + } + bean.ping = dayjs().valueOf() - startTime; } else { bean.msg = "Unknown Monitor Type"; bean.status = PENDING; diff --git a/server/server.js b/server/server.js index 79cb21026..55b108168 100644 --- a/server/server.js +++ b/server/server.js @@ -674,6 +674,11 @@ try { bean.mqttPassword = monitor.mqttPassword; bean.mqttTopic = monitor.mqttTopic; bean.mqttSuccessMessage = monitor.mqttSuccessMessage; + bean.radiusUsername = monitor.radiusUsername; + bean.radiusPassword = monitor.radiusPassword; + bean.radiusCalledStationId = monitor.radiusCalledStationId; + bean.radiusCallingStationId = monitor.radiusCallingStationId; + bean.radiusSecret = monitor.radiusSecret; await R.store(bean); diff --git a/server/util-server.js b/server/util-server.js index 54974e148..5dd81e006 100644 --- a/server/util-server.js +++ b/server/util-server.js @@ -10,6 +10,12 @@ const chardet = require("chardet"); const mqtt = require("mqtt"); const chroma = require("chroma-js"); const { badgeConstants } = require("./config"); +const radiusClient = require("node-radius-client"); +const { + dictionaries: { + rfc2865: { file, attributes }, + }, +} = require("node-radius-utils"); // From ping-lite exports.WIN = /^win/.test(process.platform); @@ -203,6 +209,30 @@ exports.dnsResolve = function (hostname, resolverServer, rrtype) { }); }; +exports.radius = function ( + hostname, + username, + password, + calledStationId, + callingStationId, + secret, +) { + const client = new radiusClient({ + host: hostname, + dictionaries: [ file ], + }); + + return client.accessRequest({ + secret: secret, + attributes: [ + [ attributes.USER_NAME, username ], + [ attributes.USER_PASSWORD, password ], + [ attributes.CALLING_STATION_ID, callingStationId ], + [ attributes.CALLED_STATION_ID, calledStationId ], + ], + }); +}; + /** * Retrieve value of setting based on key * @param {string} key Key of setting to retrieve diff --git a/src/languages/en.js b/src/languages/en.js index ab73ce354..138264534 100644 --- a/src/languages/en.js +++ b/src/languages/en.js @@ -464,4 +464,10 @@ export default { "Domain Names": "Domain Names", signedInDisp: "Signed in as {0}", signedInDispDisabled: "Auth Disabled.", + RadiusSecret: "Radius Secret", + RadiusSecretDescription: "Shared Secret between client and server", + RadiusCalledStationId: "Called Station Id", + RadiusCalledStationIdDescription: "Identifier of the called device", + RadiusCallingStationId: "Calling Station Id", + RadiusCallingStationIdDescription: "Identifier of the calling device", }; diff --git a/src/pages/EditMonitor.vue b/src/pages/EditMonitor.vue index 43f345273..e2beaca10 100644 --- a/src/pages/EditMonitor.vue +++ b/src/pages/EditMonitor.vue @@ -35,6 +35,9 @@ + @@ -70,8 +73,8 @@ - -
+ +
@@ -148,6 +151,36 @@
+ +